Information Security Risk & Compliance Analyst supporting the maintenance of ISO 27001 standards. Contributing to risk assessments and compliance across AAB’s Business Protection Team.
About the role
- Lead Security Specialist overseeing security measures for classified programs at GE Aerospace. Managing compliance with ICD 705 standards and ensuring operational integrity of sensitive information.
Responsibilities
- Oversee security initiatives for classified programs, including facility upgrades and new builds and their continued operation.
- Ensure compliance with ICD 705 standards and TEMPEST requirements.
- Collaborate with engineering, operations, and program teams to integrate security measures into project plans.
- Conduct risk assessments and implement mitigation strategies to protect classified information.
- Maintain documentation and reporting in accordance with regulatory requirements.
- Provide training and guidance to team members on security protocols and best practices.
- Oversee clearance processing, eligibility determinations, visit authorizations, and need-to-know validation; manage JPAS/DISS and associated personnel security systems.
- Implement continuous evaluation/continuous vetting practices; lead insider threat awareness and referral processes in partnership with the Facility Security Officer (FSO) and Insider Threat Program Senior Official (ITPSO).
- Partner with ISSM/ISSO to ensure classified IS compliance with RMF, NIST SP 800-53 controls, JSIG, and customer ATO requirements.
- Oversee media control, data transfer, audit, and incident response for classified networks; ensure configuration management and vulnerability remediation align with program timelines.
- Develop and enforce Program Security Guides (PSGs), SOPs, and OPSEC plans; conduct Critical Program Information (CPI) identification and protection planning.
- Lead derivative classification, marking, and safeguarding practices; perform self-inspections and corrective action plans.
- Assess and monitor subcontractor security compliance, including DD254 execution, secure communications, and classified visit control.
- Coordinate classified shipments, secure logistics, and international considerations (e.g., export control/ITAR/EAR, foreign travel/contacts).
Requirements
- Bachelor’s degree from an accredited university or college or a high school diploma/GED with at least 4 years of relative experience
- Knowledge of NISPOM/32 CFR Part 117, DoDM 5205.07 Volumes, ICDs, JSIG/RMF, and sponsor-specific directives
- Active/current final DoD Top Secret clearance with ability to obtain and maintain SCI and SAP access as required by the program.
- Expertise in ICD 705 and TEMPEST standards.
- Strong leadership and project management skills.
- Experience in classified program security and facility management.
- Ability to work in a fast-paced, high-security environment.
- Professional certifications preferred (e.g., ISP, SAPPC, SPeD, CISSP, SEC+) and experience with DISS, NISS, eMASS, and other classified network tools.
Benefits
- Competitive benefits
- Professional development opportunities
- Collaborative work environment
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Information Security Risk & Compliance Analyst at AAB managing compliance with ISO 27001, supporting enterprise risk assessments and enhancing information security systems.
Information Security Risk & Compliance Analyst at AAB focusing on ISO 27001 compliance and information security management. Collaborating across teams to ensure robust risk and compliance frameworks.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.
Cloud Security Architect supporting federal customer projects focused on architecture and security solutions. Conducting risk assessments and defining security requirements within a cloud environment.
Information Security Specialist responsible for enhancing cybersecurity posture through incident management and compliance. Collaborating with cross - functional teams to monitor threats and implement security measures.
Senior Lead Info Security Architect leading and collaborating on cybersecurity solutions at TIAA. Responsible for secure design and implementation of cloud security strategies and practices.
Part Time Security Officer providing protection for Collector's personnel and assets at trade shows across North America while reporting to Security Shows & Transportation Manager.
Enterprise Security Architect at PBCN GmbH designing and implementing security architectures. Collaborating with teams to ensure application security and conducting risk assessments.
IT & Security Manager at Medenterprises managing technology and cybersecurity for healthcare professionals in Australia and New Zealand. Leading strategic initiatives and infrastructure to enhance security posture.